We already have dozens of applications that use CAS using the standard spring security setup, using cookies/sessions/etc. Now, I'd like to start adding applications that take advantage of the OAuth support in CAS, but I'm unsure if the SSO functionality would be lost across those two different authentication mechanisms.
If a user logs into app A with the standard cas login, and gets a jsession, if they go to app B, which is also secured with cas, but instead relies on OAuth, will the user still be able to access that application and not see the login screen again?
